summaryrefslogtreecommitdiff
path: root/security/apparmor/audit.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/apparmor/audit.c')
-rw-r--r--security/apparmor/audit.c28
1 files changed, 28 insertions, 0 deletions
diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index 704b0c895605..e638f7bc9f52 100644
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -36,6 +36,28 @@ static const char *const aa_audit_type[] = {
"AUTO"
};
+static const char *const aa_class_names[] = {
+ "none",
+ "unknown",
+ "file",
+ "cap",
+ "net",
+ "rlimits",
+ "domain",
+ "mount",
+ "unknown",
+ "ptrace",
+ "signal",
+ "unknown",
+ "unknown",
+ "unknown",
+ "net",
+ "unknown",
+ "label",
+ "lsm",
+};
+
+
/*
* Currently AppArmor auditing is fed straight into the audit framework.
*
@@ -65,6 +87,12 @@ static void audit_pre(struct audit_buffer *ab, void *ca)
audit_log_format(ab, " operation=\"%s\"", aad(sa)->op);
}
+ if (aad(sa)->class)
+ audit_log_format(ab, " class=\"%s\"",
+ aad(sa)->class <= AA_CLASS_LAST ?
+ aa_class_names[aad(sa)->class] :
+ "unknown");
+
if (aad(sa)->info) {
audit_log_format(ab, " info=\"%s\"", aad(sa)->info);
if (aad(sa)->error)
generated by cgit v1.2.3 (git 2.39.0) at 2024-08-06 10:31:08 +0300